Re: Defining Groups with AD users
- From: stcheng@xxxxxxxxxxxxxxxxxxxx (Steven Cheng[MSFT])
- Date: Tue, 30 Oct 2007 03:21:00 GMT
Thanks for your reply Geoff,
For the new question you mentioned. I'm afraid we seems have no luck here.
So far ASP.NET membership or role service doesn't provide built-in UI for
us to assocate custom roles and windows authenticated users. I think the
reasonable approach here would be create a simple page which use ADSI to
query all the users and use RoleManager API to assocate roles. Though it
will add some work, however, I'm sure it would still be convenient since
ASP.NET databinding(such as GridView) and the existing Role API has saved
us much time.
If there is anything else we can help, welcome to post here.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
From: "GeoffreyD" <GeoffreyD@xxxxxxxxxxxxxxxx>
Subject: Re: Defining Groups with AD users
Date: Mon, 29 Oct 2007 20:26:05 +0200
Regardsthe
Geoff
"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:uwMxPf4FIHA.5204@xxxxxxxxxxxxxxxxxxxxxxxxx
Hi GeoffreyD,
For ASP.NET authentication and role based authorization, you can adopt
youMembership and RoleManager providers. Also, these two providers are
separate so that you can configure each of them to use different provider
respectively. For example, you can configure the membership to use AD
membership provider and Rolemanager to use SQL server provider. Thus,
http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Bascan make your client user be authenticated against AD database and after
they have login, their role is retrieved from SQL Server database(via the
role manager provider).
Here is a good article demonstrate using windows authentication(not AD
membership provider since membership is mainly used for forms
authentication) and SQL role manager provider. Howerver, the idea is the
same:
#Recipe: Implementing Role-Based Security with ASP.NET 2.0 using Windows
Authentication and SQL Server
ed-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.asp
Rolex
And there are some other good reference about ASP.NET 2.0 Membershp &
http://weblogs.asp.net/scottgu/archive/2006/06/19/ASP.NET-2.0-Security_2C00_provider:
#How To: Use Membership in ASP.NET 2.0
http://msdn2.microsoft.com/en-us/library/ms998347.aspx
#ASP.NET 2.0 Security, Membership and Roles Tutorials
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif-Membership-and-Roles-Tutorials.aspx
Hope this helps.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
issuesications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent
followwhere an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each
myup response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
--------------------
From: "GeoffreyD" <GeoffreyD@xxxxxxxxxxxxxxxx><1193345303.827269.191480@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <OFHApa0FIHA.4808@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: Defining Groups with AD users
Date: Thu, 25 Oct 2007 22:56:40 +0200
Hey, thanks for the reply but I am doing something similar currently. Ineed
a more streamlined and generalised solution due to the number of usersthat
need to use the site. More importantly, users from different groups areon
permitted to visit the same page (e.g. the data will be editable for some
but read-only to others) so I need to be able to check group permissions
a task basis as a opposed to page access basis.
"Alexey Smirnov" <alexey.smirnov@xxxxxxxxx> wrote in message
news:1193345303.827269.191480@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Oct 25, 10:35 pm, "GeoffreyD" <Geoffr...@xxxxxxxxxxxxxxxx> wrote:
Hi
I am working on an internal ap.net site and am wanting to assign
permissions
to users using their AD account to authenticate against, but am not
wanting
to setup the actual groups within AD. At the moment is it seems that
whatonly
answers are ADAM and AzMan. does anyone have any suggestions as to
I
could use from a pure programmatic perspective?
Thanks
for a page based permissions you can use the web.config file
<authorization>
<allow users="user1,user2"/>
.
- References:
- Defining Groups with AD users
- From: GeoffreyD
- Re: Defining Groups with AD users
- From: Alexey Smirnov
- Re: Defining Groups with AD users
- From: GeoffreyD
- Re: Defining Groups with AD users
- From: Steven Cheng[MSFT]
- Re: Defining Groups with AD users
- From: GeoffreyD
- Defining Groups with AD users
- Prev by Date: Re: Defining Groups with AD users
- Next by Date: Creating Certificate in .NET 2.0
- Previous by thread: Re: Defining Groups with AD users
- Next by thread: Impersonation with users of 2 domain (nor trusted)
- Index(es):
Relevant Pages
|
|
